Privacy Policy

Privacy Policy

Privacy Policy

2022. 05. 30.

QUOTA LAB ASIA PTE. LTD. - Data Protection and Privacy Policy

QUOTA LAB ASIA PTE. LTD. (hereinafter referred to as the “Company” or “Quota Lab”) acknowledges the importance of safeguarding and protecting personal data (the “Personal Data”)of individuals from any such misuse. This Data Protection and Privacy Policy (the “Policy”) sets out the Company rules and guidelines relating to the collection, disclosure, processing, use and safeguarding Personal Data of individuals by the Company, in adherence with the Personal Data Protection Act 2012 (No. 26 of 2012) of Singapore (“PDPA”) and current "best practices" based on the guidance of the Personal Data Protection Commission (the “PDPC”).

If an individual, at any time, has any questions or feedback relating to the Company’s Policy or the Company’s collection, use, processing and protection of their Personal Data, please do not hesitate to contact the Company’s Privacy Protection Officer at info@quotabook.com. 

1. Purpose of Use of Personal Information

Personal information will be used for the following purposes and will not be used for purposes other than the listed below. If there is to be a change in the purpose of use, the Company shall receive agreement prior to the change. 

a. Website registration and management

To verify your intention to register, manage user qualification, identify personal identification, prevent misuse of services, notify various changes or notifications, handle issues, keep record of conflicts etc.

b. Provision of product or service

To provide service, contents, or customized services, as well as fee payment etc. 

c. Marketing and advertising

To develop new services and provide customized services, provide information and opportunities to participate in events and promotions, provide services and publish advertisements according to demographic features, to verify the validity of services, to figure out access frequencies or obtain statistics on the service uses by members

2. Types of Personal Data Collected and Collection Methods

a. Types of Personal Data Collected

Firstly, the Company collects the following information when users initially register for proper registration, smooth customer service, and various other services. 

·      ID, password, full name, birthday, home address, business registration number, fax number

·      Company name, title, CEO name, company address, company phone number, administrator’s mobile phone number

Secondly, in the process of using paid services, the following information may be collected.

·      Credit card information, bank account information, payment history. 

Thirdly, in the process of using services or business operation, the following information maybe automatically created and collected.

·      Access IP information, records of service use, records of access and visit information

b. Personal Information Collection Methods

·      Website, smartphone app, hardcopy document, fax, phone, customer support bulletin board, email

·      Provision from third-party partner companies

3. Storage and Use Period of Personal Information

The Company retains and uses personal information for a specified period of time incompliance with relevant laws or as agreed upon by the information provider at the time of collection. 

a. Personal information related to website registration and management, customer service, provision of products and services, provision of marketing and advertisements are stored and used from date of privacy information collection agreement till membership withdrawal

4. Provision of Private Information to Third Parties

Quota Lab only provides personal information to third parties provided that consent from the information provider has been obtained or as allowed by specific provisions under the law.

5. Consignment of Personal Information

Quota Lab entrusts personal information processes to third parties that provide professional services to offer its services, taking necessary measures for safe protection of personal data when consigning it to third parties in accordance with related laws. 

Personal information may not be used for purpose other than the entrusted activities, technical and administrative measures are to be taken for safety, reconsignment is to be restricted, management oversight of the consignee is provided, any damage shall be compensated and etc., supervising whether the consignee handles personal information safely.  

If the scope of consignment or the consignee is to change, the Company shall disclose the personal information processing policy without delay. 

Entrusted  Company (Consignee) & Entrusted  operations

CODEF

·        Transmitting personal (credit) information through data subject’s  authenticated information

·        Requesting through data subject’s authenticated information for the  improvement of API service and operation

·        Storing request and response data (Full destruction upon the end of  consignment contract)

·        Processing data subject’s requests for perusal, correction, deletion,  suspension of personal information

Kakao Pay

·        Verification of identity for registration and voting for specific  agendas

Korea  Financial Telecommunications and Clearings Institute (KFTC)

·        CMS withdrawal & transfer services

Sendgrid

·        Sending out emails of major transactions (Location: United States)

ActiveCampaign

·        Sending out emails (Location: United States)

Channel Corp.

·        Customer service management (Location: South Korea)

6. Rights of Users & Legal Representatives and Exercising Those Rights

Users, as owners of personal information, are entitled to exercise their rights listed below. 

a. Users can exercise their rights to personal information listed below at any time

i) Request to view personal information
ii) Request to edit errors
iii) Request to delete
iv) Request to stop process

b. Data subjects can exercise the rights provided in paragraph (1) by submitting a request to Quota Lab by post, email or fax and the Company shall take measures without any delay.  

c. When a data subject requests the correction or deletion of any error, etc., to the data subject’s personal information, the relevant information will not be used or provided until it is corrected or deleted.

d. A data subject may exercise the rights provided in paragraph (1) through an agent, including a legal representative and a power of attorney. In such cases, the data subject must submit a letter of delegation.

 

7. Installation, Operation and Rejection of Automatic Personal Information Collection System

The Company uses cookies that periodically search and save user information. Cookie is a small piece of text files that a server uses to operate a website, sent to the user's web browsers and that is stored on the user’s hard drive. Quota Lab uses encrypted cookies for the following purposes:

a. Purpose of use

To provide personalized service and target marketing based on statistical analysis of member/non-member visit frequency or time, user interest area or preference and its tracking, event participation frequency etc. Users have the right to allow all cookies, confirm at every cookie savings or to reject all savings of cookies from the web browser's setting options.  

b. Ways to reject the use of cookies

(Example: You can opt in or out of the use of cookies from your web browser’s options, either to allow all cookies, confirm at every cookie savings or to reject all savings of cookies)

Method: ie. Internet Explorer => Select "Tool" menu at the top of the browser.> "Internet Options" > "Personal Data" Tab >Settings (Please be noted that if you choose to opt out of cookies, it might be difficult for the Company to provide you with a personalized service)

c. On installation, operation and rejection of other automatic personal information collection systems

To provide better service to users, Quota Lab uses Google’s Web log analytics tool, Google Analytics. 

Google Analytics collects the Company website user’s behavioral data through cookies, and only collects personally unidentifiable information. Even in this case, the user can install additional add-on from https://tools.google.com/dlpage/gaoptout to opt out of Google Analytics or can set from web browsers to opt out from cookies to refuse the use of Google Analytics. Please be noted that if you choose to opt out of Google Analytics, it might be difficult for the Company to provide you with a personalized service. Personally identifiable information collected through Google Analytics can be used for online advertising purposes through Google Ads service.

8. Destruction of Personal Information

Quota Lab destroys user personal information immediately after the purpose of collection has been properly achieved. The procedures and methods for destroying personal information are as follows:

·      Destruction procedure: Personal information provided by a user is destroyed in accordance with relevant laws and internal policies after the expiration of the retention period or the achievement of original purpose.

·      Destruction method: The Company destroys personal information in the following ways

o   Electronic data will be destroyed in an irreversible manner using technical methods. 

o   Paper data will be either destroyed by a shredder or will be incinerated

9. Security Practices Regarding Personal Information

Quota lab takes the following technical, managerial and physical security measures in accordance with  Personal Data Protection Act

a. Minimization of personnel handling personal information and training. 

The Company designates personnel in charge of personal information at a minimal level on order to protect personal information. 

b. Personal information encryption

User’s personal information and password are encrypted for storage and can be only accessed by the user. Important information such as files and transferred data are also encrypted or locked using passwords and properly secured. 

c. Incident measures (ie. hacking)

Quota Lab runs security/protection programs to prevent personal information from being leaked or damaged due to incidents such as hacking or computer viruses. The Company also conducts periodical updates to check and install systems to prevent and monitor restricted information and area from external access technically and physically. 

d. Restricted access to personal information

The Company is taking necessary steps to prevent access to personal information through granting, updating and expiring permission to the database system to handle personal information and is restricting unpermitted external access through intrusion prevention system. 

e. Systems to secure documents

Documents or other storage devices that store user’s personal information are stored and managed in a safe place with secure locking systems. 

f. Access control of unauthorized persons

The Company holds a separate physical place to store personal information. We implemented and are operating its access control.

10. Privacy Protection Officer

a. To be responsible for personal information processes and to handle personal information subject’s complaints, inquiries and to protect users from damage, Quota Lab appoints the following personal information protection manager.

▶ Officer in charge

Name : Dong Hyun Choi

Position : Director of Information Security

Contact number : +82-02-6447-8004

Contact email : info@quotabook.com

b. For any inquiries, complaints, damage relief or other matters concerning personal information protection, data subjects can contact and inquire directly to the Privacy Protection Officer.

11. Amendment to the Privacy Policy

This Privacy Policy is enforced from May 31, 2022 and any amendment due to the change, inclusion or deletion to laws or terms shall be notified seven (7) days before the actual enforcement of the updated policy.